Decade-old flaw could affect Linux, Macs

Filed under
Security

Patches have been released for file-networking protocol software, Samba, revealing that the software, which is used extensively in Macs and Linux, has been subject to a critical vulnerability for almost a decade.

The security advisory released by the Samba team reveals that the vulnerability makes it possible for a remote, unauthenticated user to send a specially crafted remote procedure call that will create multiple buffer overflows in the Samba server. This would allow a malicious user to crash the service, or possibly execute arbitrary code with root user privileges.

The most recent stable release of Samba prior to the patch, version 3.6.3, is susceptible.

rest here